SYSTEMS AND METHODS FOR PARALLEL PROCESSING OF OCSP REQUESTS DURING SSL HANDSHAKE
Abstract
The present invention is directed towards systems and methods for processing an Online Certificate Status Protocol (OCSP) request in parallel to processing a Secure Socket Layer (SSL) handshake. The method includes transmitting, by an OCSP responder of an intermediary device between a plurality of clients and one or more servers, an OCSP request to an OCSP server for a status of a client certificate responsive to receiving the client certificate from a client during an SSL handshake. The intermediary device may continue to perform remaining portions of the SSL handshake while the OCSP request to the OCSP server is outstanding. The intermediary device may establish an SSL connection for the SSL handshake. The intermediary device may determine whether to terminate or maintain the established SSL connection based on the status of the client certificate received via a response from the OCSP server.
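The flow in the abstract, sketched as an added example (not code from the patent or from any product): the OCSP round trip and the handshake messages are simulated with asyncio timers. The serial numbers, delays and timeout are constructed, and terminating on a timeout or an unknown status is an assumption of this sketch.

```python
import asyncio

# Constructed sample data: certificate serial -> (status, responder delay in seconds).
OCSP_DB = {"01": ("good", 0.1), "02": ("revoked", 0.1), "03": ("good", 2.0)}
REMAINING_STEPS = ["ClientKeyExchange", "CertificateVerify", "ChangeCipherSpec", "Finished"]

async def ocsp_query(serial):
    """Stand-in for the round trip to the OCSP server (no network I/O)."""
    status, delay = OCSP_DB.get(serial, ("unknown", 0.0))
    await asyncio.sleep(delay)
    return status

async def handle_client(serial, ocsp_timeout=0.3):
    events = []
    # (a) Client certificate received: send the OCSP request without waiting for it.
    events.append("ocsp_request_sent")
    lookup = asyncio.create_task(ocsp_query(serial))
    # (b) Continue the remaining handshake messages while the request is outstanding.
    for step in REMAINING_STEPS:
        await asyncio.sleep(0.005)  # simulated processing cost per message
        events.append(step)
    # (c) The SSL connection is established, possibly before the status is known.
    events.append("connection_established")
    events.append("ocsp_done_before_established" if lookup.done() else "ocsp_still_outstanding")
    # (d) Decide once the response arrives. Assumption: fail closed on timeout/unknown.
    try:
        status = await asyncio.wait_for(lookup, ocsp_timeout)
    except asyncio.TimeoutError:
        status = "timeout"
    decision = "maintain" if status == "good" else "terminate"
    events.append(f"ocsp_{status}")
    events.append(decision)
    return decision, events

def run(serial):
    return asyncio.run(handle_client(serial))

if __name__ == "__main__":
    for s in ("01", "02", "03", "99"):
        decision, events = run(s)
        print(s, decision, events)
```

Serial "03" shows the window a deployment has to bound: the connection is already established while the status is still unknown, so the timeout and the policy applied when it expires determine how long an unchecked certificate holds a live connection.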
20 Claims
1. A method of processing an Online Certificate Status Protocol (OCSP) request in parallel to processing a Secure Socket Layer (SSL) handshake, the method comprising:
(a) transmitting, by an Online Certificate Status Protocol (OCSP) responder of an intermediary device between a plurality of clients and one or more servers, an OCSP request to an OCSP server for a status of a client certificate responsive to receiving the client certificate from a client during a Secure Socket Layer (SSL) handshake;
(b) continuing, by the intermediary device, to perform remaining portions of the SSL handshake while the OCSP request to the OCSP server is outstanding;
(c) establishing, by the intermediary device, an SSL connection for the SSL handshake; and
(d) determining, by the intermediary, whether to terminate or maintain the established SSL connection based on the status of the client certificate received via a response from the OCSP server.
11. A system of an intermediary device for processing an Online Certificate Status Protocol (OCSP) request in parallel to processing a Secure Socket Layer (SSL) handshake, the intermediary device between a plurality of clients and one or more servers, the system comprising:
an Online Certificate Status Protocol (OCSP) responder of an intermediary device transmitting an OCSP request to an OCSP server for a status of a client certificate responsive to the intermediary device receiving the client certificate from a client during a Secure Socket Layer (SSL) handshake;
an SSL engine of the intermediary device continuing to perform remaining portions of the SSL handshake while the OCSP request to the OCSP server is outstanding and establishes an SSL connection for the SSL handshake; and
wherein the intermediary device determines whether to terminate or maintain the SSL connection based on the status of the client certificate received via a response from the OCSP server.
Specification